No History for AD Group Membership - Hitachi ID Group Manager

Active Directory tracks membership in security groups and uses
this membership to connect users to file-system and other
resource access control lists (ACLs). In short, placing a user
into a security group is the main mechanism for granting security rights
to users in Windows.

Windows does not, however, track the history of security groups.
There is no way to know when a user was attached to a security
group, who authorized the change and why. This means that
Windows group membership - by itself - is inadequate for
forensic analysis.